lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140324062225.GA22338@redhat.com>
Date:	Mon, 24 Mar 2014 08:22:25 +0200
From:	"Michael S. Tsirkin" <mst@...hat.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
Cc:	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	Monam Agarwal <monamagarwal123@...il.com>, davem@...emloft.net,
	jasowang@...hat.com, xemul@...allels.com, wuzhy@...ux.vnet.ibm.com,
	therbert@...gle.com, yamato@...hat.com, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] drivers/net: Use RCU_INIT_POINTER(x, NULL) in tun.c

On Sun, Mar 23, 2014 at 10:25:27PM -0700, Eric Dumazet wrote:
> On Mon, 2014-03-24 at 07:09 +0200, Michael S. Tsirkin wrote:
> 
> > Seems an incredibly strict requirement for something that just
> > silences a warning.
> > What exactly should I test?
> > I intended to just verify this produces same code as before
> > d322f45ceed525daa under a recent gcc.
> 
> Thats because many rcu_assign_pointer(X, NULL) were already converted to
> RCU_INIT_POINTER(X, NULL)
> 
> Quite frankly I don't know why you bother at all.
> 
> Adding back the lazy test in rcu_assign_pointer() doesn't help to make
> the API cleaner and easier to understand.
> 
> People are usually using RCU API without really understanding
> all the issues. They tend to add superfluous barriers because they feel
> better. 

Cute.  This is exactly what d322f45ceed525daa did actually -
made the barrier unconditional even when not needed.

> Having separate RCU_INIT_POINTER() and rcu_assign_pointer() serve as
> better documentation of the code, I find it more easier to immediately
> check what is going on while reviewing stuff.
> 
> Presumably, checkpatch.pl could be augmented to suggest to use
> RCU_INIT_POINTER(X, NULL) instead of rcu_assign_pointer(X, NULL)
> 
> 


What happens if someone then changes that NULL to something else?
Things will start to break in subtle way, won't they?

To me RCU_INIT_POINTER seems to say "safe to use when initializing
pointer field when no one can access the structure".
The patch that started it all changed a path that clearly
does not satisfy this: it is mutating a field not initializing
it before use. After looking at the implementation, it does
seem safe.  So if some people actually like this API, I don't mind.
A matter of taste I guess.

If someone still wants to make rcu_assign_pointer more optimal, without
a warning, I see a cleaner way to do this now, below.
Lightly tested - if someone sees value in this but requires more testing, let me know,
if no one responds I'll just drop the whole thing.

--->

rcu: optimize rcu_assign_pointer with NULL

The rcu_assign_pointer() dropped __builtin_constant_p check to
avoid a compiler warning, but we can actually work around it
using an inline wrapper, without adding code.

Signed-off-by: Michael S. Tsirkin <mst@...hat.com>

---

diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h
index 72bf3a0..0d45b6d 100644
--- a/include/linux/rcupdate.h
+++ b/include/linux/rcupdate.h
@@ -585,9 +585,18 @@ static inline void rcu_preempt_sleep_check(void)
  * please be careful when making changes to rcu_assign_pointer() and the
  * other macros that it invokes.
  */
+/* The inline wrapper is here to prevent gcc from emitting a warning when
+ * passed a pointer to a variable.
+ */
+static inline _rcu_safe_smp_wmb_unless_null(const void *v)
+{
+	if (!__builtin_constant_p(v) || ((v) != NULL))
+		smp_wmb();
+}
+
 #define rcu_assign_pointer(p, v) \
 	do { \
-		smp_wmb(); \
+		_rcu_safe_smp_wmb_unless_null((__force const void *)(v)); \
 		ACCESS_ONCE(p) = RCU_INITIALIZER(v); \
 	} while (0)
 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ